Companies looking to make Web services available to business partners and their respective user bases must first figure out how to federate identity. Federated identity management refers to managing access so that only those who have a right to use specific services may do so.

Take for example Acme Insurance, which wants to make quotes through Web services to legitimate employees of multiple employer partners. If Acme needs to create a user account for each new employee of an employer partner, it would need to maintain a large user database at a high cost. It's far more efficient to have the employer basically vouch for its employees. Advertisement:

There are several XML standards for federating identity across domains: Security Assertion Markup Language (SAML), Liberty Alliance and Web Services Federation Language (WS-Federation). They can be used to eliminate duplicate user repositories, while letting companies intermix standards-compliant products from different vendors. For example, an XML-/SAML-aware gateway or proxy can be used to both enforce access control

Read this full article at nwfusion.com

Only registered users can write comments.
Please login or register.

Powered by AkoComment!